{# SPDX-License-Identifier: Apache-2.0 -#}

{% extends "admin/base.html" %}

{% block title %}
  Malware Reports for
  <a href="{{ request.route_path('admin.project.detail', project_name=project.name) }}">{{ project.name }}</a>
{% endblock %}

{% block breadcrumb %}
  <li class="breadcrumb-item">
    <a href="{{ request.route_path("admin.observations.list") }}">Observations</a>
  </li>
  <li class="breadcrumb-item">
    <a href="{{ request.route_path("admin.malware_reports.list") }}">Malware Reports</a>
  </li>
  <li class="breadcrumb-item active">
    <a href="{{ request.route_path("admin.malware_reports.project.list", project_name=project.name) }}">{{ project.name }}</a>
  </li>
{% endblock %}

{% block content %}
  <div class="timeline">
    {% for report in malware_reports %}
      <div>
        <i class="fa fa-regular fa-flag bg-warning"></i>
        <div class="timeline-item">
          <span class="time"><i class="fas fa-clock"></i> <time datetime="{{ report.created }}" title="{{ report.created }}">{{ report.created }}</time></span>
          <h3 class="timeline-header">
            <a href="{{ request.route_path('admin.malware_reports.detail', observation_id=report.id) }}">Observation <i class="fa-regular fa-eye"></i></a>
          </h3>
          <div class="timeline-body">
            <dl class="row">
              <dt class="col-sm-2">Reported By</dt>
              <dd class="col-sm-10">
                <a href="{{ request.route_path('admin.user.detail', username=report.observer.parent.username) }}">{{ report.observer.parent.username }}</a>
                {% if report.observer.parent.is_observer %}<span class="badge badge-info">Observer</span>{% endif %}
              </dd>
              <dt class="col-sm-2">Origin</dt>
              <dd class="col-sm-10">
                {{ report.payload.get('origin', 'Unknown') }}
              </dd>
              <dt class="col-sm-2">Summary</dt>
              <dd class="col-sm-10">
                {{ report.summary }}
              </dd>
              {% if report.payload.get("inspector_url") %}
                <dt class="col-sm-2">Inspector</dt>
                <dd class="col-sm-10">
                  <a href="{{ report.payload.get("inspector_url") }}" target="_blank">Inspector Link
                    <i class="fa-solid fa-arrow-up-right-from-square"></i>
                  </a>
                </dd>
              {% endif %}
              {# TODO: Decide how to pretty this up when we have more data #}
              {% if report.actions %}
                <dt class="col-sm-2">Actions</dt>
                <dd class="col-sm-10">
                  <ul>
                    {% for timestamp, value in report.actions.items() %}<li>{{ timestamp }}: {{ value }}</li>{% endfor %}
                  </ul>
                </dd>
              {% endif %}
            </dl>
          </div>
          <div class="timeline-footer">
            {% if report.payload.get('inspector_link') %}
              <div class="card card-warning card-outline collapsed-card"
                   id="inspector_iframe">
                <div class="card-header">
                  <h3 class="card-title">
                    <a href="{{ report.payload.get("inspector_link") }}" target="_blank">Inspector Link
                      <i class="fa-solid fa-arrow-up-right-from-square"></i>
                    </a>
                  </h3>
                  <div class="card-tools">
                    <small>(expand for iframe)</small>
                    <button type="button" class="btn btn-tool" data-card-widget="collapse">
                      <i class="fas fa-plus"></i>
                    </button>
                  </div>
                  <!-- /.card-tools -->
                </div>
                <!-- /.card-header -->
                <div class="card-body">
                  <div class="embed-responsive embed-responsive-16by9">
                    <iframe class="embed-responsive-item"
                            src="{{ report.payload.get("inspector_link") }}">
                    </iframe>
                  </div>
                </div>
              </div>
            {% endif %}
          </div>
        </div>
      </div>
      <!-- /.timeline-item -->
    {% endfor %}
    <div>
      <i class="fas fa-clock bg-gray"></i>
    </div>
  </div>
  <!-- /.timeline -->
  <div class="card card-warning">
    <div class="card-header">
      <h3 class="card-title">Take Action on Project</h3>
      <div class="card-tools">
        <span class="badge badge-danger">DANGER</span>
      </div>
      <!-- /.card-tools -->
    </div>
    <!-- /.card-header -->
    <div class="card-body">
      <p>
        These actions will affect <strong>all the Observations for this project</strong>.
        If you wish to take action for a single Observation,
        visit the specific Observation <i class="fa-regular fa-eye"></i>.
      </p>
      <p>
        <strong>Not Malware</strong> will add an entry to each Observation
        that it was reviewed, and no malware was found. The Project will remain active.
      </p>
      <p>
        <strong>Quarantine</strong> will remove the Project from being installable,
        and prohibit the Project from being changed by the Owner.
        The Owner's account will remain active.
        No Observations will be changed, so it will remain in the list.
      </p>
      <p>
        <strong>Remove Malware</strong> will remove the Project,
        freeze the Owner's account, prohibit the Project name from being reused,
        and add the action to all Observations.
      </p>
    </div>
    <!-- /.card-body -->
    <div class="card-footer">
      <div class="row">
        <div class="col">
          <button type="button"
                  class="btn btn-block btn-outline-success"
                  data-toggle="modal"
                  data-target="#modal-not-malware">Not Malware</button>
        </div>
        <div class="col">
          <button type="button"
                  class="btn btn-block btn-outline-warning"
                  data-toggle="modal"
                  data-target="#modal-quarantine">Quarantine Project</button>
        </div>
        <div class="col">
          <button type="button"
                  class="btn btn-block btn-outline-danger"
                  data-toggle="modal"
                  data-target="#modal-remove-malware">Remove Malware</button>
        </div>
      </div>
    </div>
    <!-- /.card-footer -->
  </div>
  <!-- /.card -->
  <div class="modal fade" id="modal-not-malware">
    <div class="modal-dialog modal-not-malware">
      <form id="not-malware"
            action="{{ request.route_path('admin.malware_reports.project.verdict_not_malware', project_name=project.name) }}"
            method="post">
        <input name="csrf_token"
               type="hidden"
               value="{{ request.session.get_csrf_token() }}">
        <div class="modal-content">
          <div class="modal-header bg-success">
            <h4 class="modal-title">Confirm Not Malware</h4>
            <button type="button" class="close" data-dismiss="modal" aria-label="Close">
              <span aria-hidden="true">×</span>
            </button>
          </div>
          <div class="modal-body">
            <p>
              You are confirming that any Malware Observations for <code>{{ project.name }}</code>
              are invalid and not malware.
            </p>
            <div class="form-group">
              <label for="reason">Reason</label>
              <textarea name="reason"
                        id="reason"
                        class="form-control"
                        rows="3"
                        placeholder="Enter reason for confirming not malware"></textarea>
            </div>
          </div>
          <div class="modal-footer justify-content-between">
            <button type="button" class="btn btn-default" data-dismiss="modal">Close</button>
            <button type="submit" class="btn btn-success">Verdict: Not Malware</button>
          </div>
        </div>
      </form>
    </div>
  </div>
  <!-- /.modal -->
  <div class="modal fade" id="modal-quarantine">
    <div class="modal-dialog modal-quarantine">
      <form id="quarantine"
            action="{{ request.route_path('admin.malware_reports.project.verdict_quarantine', project_name=project.name) }}"
            method="post">
        <input name="csrf_token"
               type="hidden"
               value="{{ request.session.get_csrf_token() }}">
        <div class="modal-content">
          <div class="modal-header bg-warning">
            <h4 class="modal-title">Quarantine Project</h4>
            <button type="button" class="close" data-dismiss="modal" aria-label="Close">
              <span aria-hidden="true">×</span>
            </button>
          </div>
          <div class="modal-body">
            <p>
              Confirming that <code>{{ project.name }}</code> needs further examination.
            </p>
            <p>
              This will remove the Project from being installable,
              freeze the Owner's account,
              and prohibit the Project from being changed by the Owner.
            </p>
          </div>
          <div class="modal-footer justify-content-between">
            <button type="button" class="btn btn-default" data-dismiss="modal">Close</button>
            <button type="submit" class="btn btn-warning">Verdict: Quarantine</button>
          </div>
        </div>
      </form>
    </div>
  </div>
  <!-- /.modal -->
  <div class="modal fade" id="modal-remove-malware">
    <div class="modal-dialog modal-remove-malware">
      <form id="remove-malware"
            action="{{ request.route_path('admin.malware_reports.project.verdict_remove_malware', project_name=project.name) }}"
            method="post">
        <input name="csrf_token"
               type="hidden"
               value="{{ request.session.get_csrf_token() }}">
        <div class="modal-content">
          <div class="modal-header bg-danger">
            <h4 class="modal-title">Remove Malware</h4>
            <button type="button" class="close" data-dismiss="modal" aria-label="Close">
              <span aria-hidden="true">×</span>
            </button>
          </div>
          <div class="modal-body">
            {% set missing_urls = malware_reports | selectattr("additional.helpscout_conversation_url", "undefined") | list %}
            {% if missing_urls %}
              <div class="alert alert-warning">
                <i class="fa fa-exclamation-triangle"></i>
                <strong>Action Blocked:</strong> {{ missing_urls | length }} observation(s) are missing HelpScout conversation URLs.
                Please add HelpScout conversation URLs to all observations before removing as malware.
              </div>
              <p>Missing URLs for observations:</p>
              <ul>
                {% for report in missing_urls %}
                  <li>
                    <a href="{{ request.route_path('admin.malware_reports.detail', observation_id=report.id) }}">
                      Observation {{ report.id | string | truncate(8, False, '...') }} - {{ report.created }}
                    </a>
                  </li>
                {% endfor %}
              </ul>
            {% else %}
              <p>
                You are confirming that any Malware Observations for <code>{{ project.name }}</code>
                are valid and malware.
              </p>
              <p>This will remove the Project, freeze the Owner's account, prohibit the Project name from being reused.</p>
              <div class="form-group col-sm-12">
                <label for="confirm_project_name">
                  Are you sure you want to confirm
                  <strong><code>{{ project.name }}</code></strong>
                  <button type="button" class="copy-text" data-copy-text="{{ project.name }}">
                    <i class="fa fa-copy" aria-hidden="true"></i>
                  </button>
                  as malware?
                </label>
                <input name="project" type="hidden" value="{{ project.name }}">
                <input name="confirm_project_name" id="confirm_project_name" class="form-control" type="text" placeholder="Enter project name to confirm" {{ "disabled" if not request.has_permission(Permissions.AdminProjectsDelete) }} autocomplete="off" autocorrect="off" autocapitalize="off">
              </div>
            {% endif %}
          </div>
          <div class="modal-footer justify-content-between">
            <button type="button" class="btn btn-default" data-dismiss="modal">Close</button>
            <button type="submit" class="btn btn-danger" {% if missing_urls %}disabled{% endif %}>Verdict: Remove Malware</button>
          </div>
        </div>
      </form>
    </div>
  </div>
  <!-- /.modal -->
{% endblock content %}
